| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Jun 2020 08:03:09 -0700
From: Yonghong Song <yhs@...com>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
CC: bpf <bpf@...r.kernel.org>, Networking <netdev@...r.kernel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Kernel Team <kernel-team@...com>,
Martin KaFai Lau <kafai@...com>
Subject: Re: [PATCH bpf-next v3 13/15] tools/bpf: selftests: implement sample
tcp/tcp6 bpf_iter programs
On 6/22/20 11:56 PM, Andrii Nakryiko wrote:
> On Mon, Jun 22, 2020 at 5:38 PM Yonghong Song <yhs@...com> wrote:
>>
>> In my VM, I got identical result compared to /proc/net/{tcp,tcp6}.
>> For tcp6:
>> $ cat /proc/net/tcp6
>> sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
>> 0: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000001 00000000 0 0 17955 1 000000003eb3102e 100 0 0 10 0
>>
>> $ cat /sys/fs/bpf/p1
>> sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
>> 0: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 17955 1 000000003eb3102e 100 0 0 10 0
>>
>> For tcp:
>> $ cat /proc/net/tcp
>> sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
>> 0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 2666 1 000000007152e43f 100 0 0 10 0
>> $ cat /sys/fs/bpf/p2
>> sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
>> 1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 2666 1 000000007152e43f 100 0 0 10 0
>>
>> Signed-off-by: Yonghong Song <yhs@...com>
>> ---
>
> Looks reasonable, to the extent possible ;)
>
> Acked-by: Andrii Nakryiko <andriin@...com>
>
>> tools/testing/selftests/bpf/progs/bpf_iter.h | 15 ++
>> .../selftests/bpf/progs/bpf_iter_tcp4.c | 235 ++++++++++++++++
>> .../selftests/bpf/progs/bpf_iter_tcp6.c | 250 ++++++++++++++++++
>> 3 files changed, 500 insertions(+)
>> create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_tcp4.c
>> create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_tcp6.c
>>
>
> [...]
>
>> +static int hlist_unhashed_lockless(const struct hlist_node *h)
>> +{
>> + return !(h->pprev);
>> +}
>> +
>> +static int timer_pending(const struct timer_list * timer)
>> +{
>> + return !hlist_unhashed_lockless(&timer->entry);
>> +}
>> +
>> +extern unsigned CONFIG_HZ __kconfig __weak;
>
> Why the __weak? We expect to have /proc/kconfig.gz in other tests
> anyway? __weak will make CONFIG_HZ to be a zero and you'll get a bunch
> of divisions by zero.
Make sense. Will change.
>
>> +
>> +#define USER_HZ 100
>> +#define NSEC_PER_SEC 1000000000ULL
>> +static clock_t jiffies_to_clock_t(unsigned long x)
>> +{
>> + /* The implementation here tailored to a particular
>> + * setting of USER_HZ.
>> + */
>> + u64 tick_nsec = (NSEC_PER_SEC + CONFIG_HZ/2) / CONFIG_HZ;
>> + u64 user_hz_nsec = NSEC_PER_SEC / USER_HZ;
>> +
>> + if ((tick_nsec % user_hz_nsec) == 0) {
>> + if (CONFIG_HZ < USER_HZ)
>> + return x * (USER_HZ / CONFIG_HZ);
>> + else
>> + return x / (CONFIG_HZ / USER_HZ);
>> + }
>> + return x * tick_nsec/user_hz_nsec;
>> +}
>> +
>
> [...]
>
>> + if (sk_common->skc_family != AF_INET)
>> + return 0;
>> +
>> + tp = bpf_skc_to_tcp_sock(sk_common);
>> + if (tp) {
>> + return dump_tcp_sock(seq, tp, uid, seq_num);
>> + }
>
> nit: unnecessary {}
>
>> +
>> + tw = bpf_skc_to_tcp_timewait_sock(sk_common);
>> + if (tw)
>> + return dump_tw_sock(seq, tw, uid, seq_num);
>> +
>> + req = bpf_skc_to_tcp_request_sock(sk_common);
>> + if (req)
>> + return dump_req_sock(seq, req, uid, seq_num);
>> +
>> + return 0;
>> +}
>
> [...]
>
>> +static int timer_pending(const struct timer_list * timer)
>> +{
>> + return !hlist_unhashed_lockless(&timer->entry);
>> +}
>> +
>> +extern unsigned CONFIG_HZ __kconfig __weak;
>
> same about __weak here
>
>> +
>> +#define USER_HZ 100
>> +#define NSEC_PER_SEC 1000000000ULL
>> +static clock_t jiffies_to_clock_t(unsigned long x)
>> +{
>> + /* The implementation here tailored to a particular
>> + * setting of USER_HZ.
>> + */
>> + u64 tick_nsec = (NSEC_PER_SEC + CONFIG_HZ/2) / CONFIG_HZ;
>> + u64 user_hz_nsec = NSEC_PER_SEC / USER_HZ;
>> +
>> + if ((tick_nsec % user_hz_nsec) == 0) {
>> + if (CONFIG_HZ < USER_HZ)
>> + return x * (USER_HZ / CONFIG_HZ);
>> + else
>> + return x / (CONFIG_HZ / USER_HZ);
>> + }
>> + return x * tick_nsec/user_hz_nsec;
>> +}
>
> nit: jiffies_to_clock_t() implementation looks like an overkill for
> this use case... Would it be just `x / CONFIG_HZ * NSEC_PER_SEC` with
> some potential rounding error?
We really want to have the output the same as /proc/net/{tcp,tcp6}.
Otherwise, it may cause confusion when comparing bpf_iter_tcp[6] outputs
vs. /proc/net/tcp[6] outputs.
>
>> +
>> +static clock_t jiffies_delta_to_clock_t(long delta)
>> +{
>> + if (delta <= 0)
>> + return 0;
>> +
>> + return jiffies_to_clock_t(delta);
>> +}
>> +
>
> [...]
>
Powered by blists - more mailing lists